Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa
File:                     fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa (raw, json)
Hash identifier:          3ecrWzY+uLNgu2RHo2ib8GSB6hP/OCKmSi5nXVrWfQA=
Subject key identifier:   7D:AC:91:60:04:5B:8E:A0:1F:3D:F6:E3:2C:63:46:27:BB:BA:05:DE
Certificate issuer:       /CN=6d088cef28e02af7d00f297816c55f8e3c43d535
Certificate serial:       018EDCA026DF6393439E3A4601E34EC1600D
Authority key identifier: 6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa
Signing time:             Sun 14 Apr 2024 12:41:06 +0000
ROA not before:           Sun 14 Apr 2024 12:41:06 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     42861
IP address blocks:        77.91.66.0/24 maxlen: 24
                          77.91.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 11 Jul 2024 19:04:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:dc:a0:26:df:63:93:43:9e:3a:46:01:e3:4e:c1:60:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d088cef28e02af7d00f297816c55f8e3c43d535
        Validity
            Not Before: Apr 14 12:41:06 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7dac9160045b8ea01f3df6e32c634627bbba05de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:0f:4a:2e:22:9a:48:8c:59:fa:da:a3:eb:80:
                    67:ed:0a:87:2d:71:8f:11:6b:57:cc:1b:19:4a:ab:
                    18:8a:c1:0f:24:fe:e4:d5:f0:b1:e4:11:95:54:87:
                    f0:97:83:85:95:61:78:ba:13:74:16:c4:35:77:93:
                    58:17:2c:ad:43:12:72:02:bb:35:fd:bd:2f:e9:49:
                    cb:fe:9c:da:ac:ef:43:7f:b7:40:4b:f9:c5:06:bc:
                    10:04:44:b6:8e:b0:cc:f8:e2:2d:f8:88:f4:22:ce:
                    47:d9:54:4b:bf:28:4b:0f:50:4e:3e:36:53:69:5e:
                    73:7e:95:f5:55:c7:73:4e:5f:e2:a2:a3:98:70:9a:
                    ba:9f:3d:3b:e6:8a:64:23:db:a4:61:a3:26:47:56:
                    f2:d7:9f:31:1f:4c:df:01:72:41:36:fc:dd:b3:f7:
                    c7:d4:a7:93:58:72:59:0d:49:e5:be:1c:96:d8:14:
                    c7:a6:fd:d0:da:ee:cd:23:7f:e7:ef:16:a5:04:56:
                    c5:f1:b9:0c:9e:b2:91:de:46:89:9e:0a:33:02:c8:
                    bd:1f:ea:1e:57:7c:0c:e7:eb:92:3f:0d:a0:ba:07:
                    34:69:42:fe:f7:fa:b8:86:95:9a:f2:09:4e:49:fb:
                    e0:6d:48:24:30:b7:99:9d:e2:bb:8c:18:4b:b6:a3:
                    39:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:AC:91:60:04:5B:8E:A0:1F:3D:F6:E3:2C:63:46:27:BB:BA:05:DE
            X509v3 Authority Key Identifier:
                keyid:6D:08:8C:EF:28:E0:2A:F7:D0:0F:29:78:16:C5:5F:8E:3C:43:D5:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQiM7yjgKvfQDyl4FsVfjjxD1TU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/fayRYARbjqAfPfbjLGNGJ7u6Bd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/d57a64-bd32-4c91-be06-fee8eaf73b0d/1/bQiM7yjgKvfQDyl4FsVfjjxD1TU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.91.66.0/24
                  77.91.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:08:47:3f:a9:96:9b:92:d2:cc:64:23:e3:77:9c:22:89:b5:
         fe:0a:a4:93:69:7e:39:50:14:7d:d2:e7:8b:4f:d1:60:60:82:
         ab:38:82:c0:e1:db:5a:73:ea:49:04:71:f0:29:92:03:82:99:
         cd:3d:08:37:4b:79:af:bf:22:59:ed:81:c4:02:c9:b3:75:68:
         8e:90:f4:c3:a5:ad:d9:c7:54:3e:83:a0:d5:1b:10:26:69:85:
         f0:8d:9d:45:51:34:42:6c:1b:d9:3b:18:ed:10:c2:28:28:3d:
         f4:0d:c6:b6:8d:58:22:15:65:e6:3c:20:80:e1:27:3f:9b:c5:
         45:62:65:9b:de:f6:9d:6d:56:0d:d8:b3:a8:b1:1d:bc:5d:ba:
         75:91:8e:fd:f3:3c:61:2b:0b:1b:68:d2:07:b4:e3:13:c9:24:
         7d:17:fc:56:10:45:27:d8:87:87:a9:2b:63:a4:b3:b6:a5:2c:
         81:04:cd:0a:18:65:11:d8:c7:37:34:21:3d:08:84:d3:b0:25:
         ea:21:7e:7c:0f:21:95:77:46:ad:95:4e:e1:e1:88:7e:d5:b8:
         80:9d:e3:59:36:a4:e4:7a:46:23:d0:5e:ed:65:16:17:ec:df:
         92:94:76:98:b8:ab:17:8f:19:d9:49:07:4c:13:b0:f0:79:5d:
         52:6b:88:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7coCbfY5NDnjpGAeNOwWANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDg4Y2VmMjhlMDJhZjdkMDBmMjk3ODE2YzU1ZjhlM2M0
M2Q1MzUwHhcNMjQwNDE0MTI0MTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFjOTE2MDA0NWI4ZWEwMWYzZGY2ZTMyYzYzNDYyN2JiYmEwNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A9KLiKaSIxZ+tqj64Bn7QqHLXGP
EWtXzBsZSqsYisEPJP7k1fCx5BGVVIfwl4OFlWF4uhN0FsQ1d5NYFyytQxJyArs1
/b0v6UnL/pzarO9Df7dAS/nFBrwQBES2jrDM+OIt+Ij0Is5H2VRLvyhLD1BOPjZT
aV5zfpX1VcdzTl/ioqOYcJq6nz075opkI9ukYaMmR1by158xH0zfAXJBNvzds/fH
1KeTWHJZDUnlvhyW2BTHpv3Q2u7NI3/n7xalBFbF8bkMnrKR3kaJngozAsi9H+oe
V3wM5+uSPw2gugc0aUL+9/q4hpWa8glOSfvgbUgkMLeZneK7jBhLtqM5QQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH2skWAEW46gHz324yxjRie7ugXeMB8GA1UdIwQY
MBaAFG0IjO8o4Cr30A8peBbFX448Q9U1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYt
ZmVlOGVhZjczYjBkLzEvZmF5UllBUmJqcUFmUGZiakxHTkdKN3U2QmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9kNTdhNjQtYmQzMi00YzkxLWJlMDYtZmVlOGVhZjczYjBk
LzEvYlFpTTd5amdLdmZRRHlsNEZzVmZqanhEMVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVtCAwQA
TVtMMA0GCSqGSIb3DQEBCwUAA4IBAQB3CEc/qZabktLMZCPjd5wiibX+CqSTaX45
UBR90ueLT9FgYIKrOILA4dtac+pJBHHwKZIDgpnNPQg3S3mvvyJZ7YHEAsmzdWiO
kPTDpa3Zx1Q+g6DVGxAmaYXwjZ1FUTRCbBvZOxjtEMIoKD30Dca2jVgiFWXmPCCA
4Sc/m8VFYmWb3vadbVYN2LOosR28Xbp1kY798zxhKwsbaNIHtOMTySR9F/xWEEUn
2IeHqStjpLO2pSyBBM0KGGUR2Mc3NCE9CITTsCXqIX58DyGVd0atlU7h4Yh+1biA
neNZNqTkekYj0F7tZRYX7N+SlHaYuKsXjxnZSQdME7DweV1Sa4ht
-----END CERTIFICATE-----
Generated at Thu Jul 11 20:57:29 2024 by rpki-client on console-ams.rpki-client.org